You can monitor login login in the following ways: Create TABLE Login_log--Log in Log out information table (session_id int NOT NULL,-sessionidlogin_on_time date,- Log in to Login_off_time date,--Log out time user_in_db varchar2 (30),--Log in db Usermachine varchar2 (20),--Machine name IP_Address VARCHAR2 (20) ,--IP address run_program varchar2 (20)--Ho Chengxu login); CREATE table Allow_user--Network domain user table (ip_address varchar2 ()--IP address Login_user_ Name Nvarchar2 (20)--operator name; creates two triggers: Create or replace trigger Login_on_info--triggers that log logon information on the database Begin Insert into Login_log (session_id,login_on_time,login_off_time,user_in_db,machine,ip_address,run_program) Select Audsid,sysdate,null,sys.login_user,machine,sys_context (' USERENV ', ' ip_address '), Programfrom v$session where AUDSID = USERENV (' SESSIONID '); --current sessionend;create or replace trigger login_off_info--triggers that log log out information unreported logoff on database beginupdate Login_log set Login_off_time = Sysdatewhere session_id = USERENV (' SESSIONID '); --current session exceptionwhen others thennull; End; method Two: An event that performs a drop action can be recorded in the following manner: The Audit log table for the/*** Drop statement */create table Drop_log (session_id int NOT NULL,-sessioniddrop_time Date,--the time of drop ip_address varchar2,--IP address object_owner varchar2 (30), the owner of the object object_name varchar2 (30),-- Object name object_type varchar2 (20),-Object type Drop_by_user VARCHAR2 (30)-User executing drop statement; Create or replace trigger after Drop on Mfg0513user.schema--a trigger that creates an instance drop on a mfg0513user user is begin insert into Drop_log (session_id,drop_time,ip_address, Object_owner,object_name,object_type,drop_by_user) VALUES (USERENV (' SESSIONID '), Sysdate,sys_context (' USERENV ', ' IP_Address '), sys.dictionary_obj_owner,sys.dictionary_obj_name,sys.dictionary_obj_type,sys.login_user); End; Responsible Editor Zhao Zhaoyi#51cto.com TEL: (010) 68476636-8001 to force (0 Votes) Tempted (0 Votes) nonsense (0 Votes) Professional (0 Votes) The title party (0 Votes) passing (0 Votes) The original: Database security audit return to network security home
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.